Research On Security Optimization Technology Based On Web Heterogeneous Redundancy System

With the advent of the Internet + era,the function of Web applications has been further expanded,which also actively promotes the development of Web technologies.The advent of new technologies provides more possibilities for applications and makes Web application building more and more complex.Unfortunately,the higher the complexity of building a Web application,the more attacks it exposes to attackers.At the same time,the new security risks posed by the new technology also make the current Web security defense system defense resistant to a wide variety of attack surfaces.The attacker launched an attack on any vulnerability of the Web service they were exploring.The asymmetry of this kind of attack and defense information keeps the Web security problem in the hot field of research.To compensate for the information asymmetry between attackers and defenders,many Web defense researchers have proposed heterogeneous and redundant Web applications to increase the complexity and diversity of Web applications.However,due to the complexity of Web application construction,it is difficult for builders to quantify the degree of heterogeneity of Web heterogeneous redundant systems.Based on the valuable experience of previous researchers and based on the basic theory of Web heterogeneous redundant systems,this paper proposes a method that can quantify the degree of heterogeneity of Web heterogeneous redundant systems.Based on this quantization method,A Scheme to Optimize the Heterogeneous Degree of Web Heterogeneous Redundancy Systems.On this basis,this paper will continue to optimize the Web security defense model,and propose a dynamic switching strategy that can dynamically switch Web executables,and transform the static Web heterogeneous system into a dynamic Web heterogeneous redundancy System,eventually system defense system from passive defense upgrade to active defense system.The main work of this paper and the results are as follows:1)From the perspective of Web application construction,the construction of Web application is layered from the top to the bottom,and the heterogeneity of Web heterogeneous redundancy system at different levels is discussed hierarchically,and finally the quantitative Web heterogeneous redundant system The degree of heterogeneity,and ultimately achieve the purpose of screening a large degree ofheterogeneity of the implementation of the body set.Taking into account the complexity of the screening process,this paper presents a screening program combined with genetic algorithms,in which the fitness function using the quantitative method proposed in this paper.2)Based on the background of mimicry defense,this paper proposes a dynamic switching algorithm(DSA)based on Syslog audit.DSA will make full use of the audit results of the syslog to dynamically switch the executable based on real-time data to make the internal structure of the system dynamic.The DSA also considers the system switching cost and system heterogeneity before and after execution switching,and transforms the dynamic switching problem into a two-objective optimization problem.Simulation results show that,compared with static structure,DSA can effectively transfer and reduce the attack surface exposed by the system,and has better data confidentiality and intrusion tolerance.To establish a proactive defense system with stable response time and continuous reliable service Has a positive guiding significance.